External event distribution.

#1

Hi everyone,

First off - many thanks and all of my appreciation for wonderful job you are doing with this project.

We have been actively using WAMP (Autobahn|Python and Autobahn|JS) for over a year now, in production and are truly amazed by the quality of

library you are providing.

Now as we grow our service, we have come across a challenge, I wanted to ask your quick opinion on:

Our backend system would generate a fairly large event stream; these events have to be distributed to a very dynamic set of clients;

By very dynamic - I mean - something which can not be handled via suffixed subscription addresses. like com.myapp.something.1, com.myapp.something.2, etc.

By design these events are such that don’t want clients to dismiss them as not important; what I want is to do is - “event delivery authorization”:

On each and every event: go through the subscriber list, and perform external validation if this user is entitled to receive this specific event or not.

Is there a standardized way how I can register such validator with crossbar.io , or I have to hack on a router code to achieve this?

Thanks in advance,

Juris

0 Likes

#2

Hi Juris,

thanks for the nice words! Encouraging;) Can you talk a little about what you do or about your system/app? Curious …

Crossbar.io has a feature called “dynamic authorization”: http://crossbar.io/docs/Authorization/#dynamic-authorization

With this, you setup a WAMP component as a dynamic authorizer that will get called by Crossbar.io whenever other session want to run an action (call, register, subscribe, publish) on an URI. The authorizer can allow or deny the specific action.

However, when a publish action on some URI is allowed, all subscribers get the event. A subscribe is also an action of course.

Hope this helps,
/Tobias

···

Am Montag, 29. Juni 2015 13:36:43 UTC+2 schrieb Juris Breicis:

Hi everyone,

First off - many thanks and all of my appreciation for wonderful job you are doing with this project.

We have been actively using WAMP (Autobahn|Python and Autobahn|JS) for over a year now, in production and are truly amazed by the quality of

library you are providing.

Now as we grow our service, we have come across a challenge, I wanted to ask your quick opinion on:

Our backend system would generate a fairly large event stream; these events have to be distributed to a very dynamic set of clients;

By very dynamic - I mean - something which can not be handled via suffixed subscription addresses. like com.myapp.something.1, com.myapp.something.2, etc.

By design these events are such that don’t want clients to dismiss them as not important; what I want is to do is - “event delivery authorization”:

On each and every event: go through the subscriber list, and perform external validation if this user is entitled to receive this specific event or not.

Is there a standardized way how I can register such validator with crossbar.io , or I have to hack on a router code to achieve this?

Thanks in advance,

Juris

0 Likes

#3

Hi, Tobias,

Here is a brief introduction to what we are doing:

https://www.youtube.com/watch?v=aOAHePJT7vE

What we are trying to achieve now (without spilling too much beans on the topic), is to inform our PBX users of relevant call events.

Now - the relevant is a key word here - as the parameters for determining which is relevant for me a user are dynamic and that decision is made on the backend.

I know I could always have event URIs: blah.blah.blah.{orgnizationID}.{userID}.specific_event and then use that for user based routing; but from a perspective of cleaner and easier maintained

frontend and backend code, I was thinking of “plugable postprocessor” prior to distributing the event; allow me to explain:

API would allow me to register pre-delivery processor to a crossbar, stating URI to pre-process, and a registered rpc method for pre-processing.

For the sake of example:

Event URI: com.service.events.new_conversation

Event pre-processor: com.service.preprocess.new_conversation

Now - whenever crossbar.io were to dispatch com.service.events.new_conversation to a subscribed client, it would first call the com.service.preprocess.new_conversation on each and every meesage-client combo it would be about to send with two parameters: 1) event contents and 2) subscribed user

Then our pre-processor would either: a) return the same event data or modify it if needed (say - removing certain keys from event data), or b) raise and exception if this event should not be distributed to the specific user.

Perhaps something to think about for crossbar.io 2.0 ? :slight_smile:

/Juris

···

On Tue, Jun 30, 2015 at 1:37 AM, Tobias Oberstein tobias.o...@gmail.com wrote:

Hi Juris,

thanks for the nice words! Encouraging;) Can you talk a little about what you do or about your system/app? Curious …

Crossbar.io has a feature called “dynamic authorization”: http://crossbar.io/docs/Authorization/#dynamic-authorization

With this, you setup a WAMP component as a dynamic authorizer that will get called by Crossbar.io whenever other session want to run an action (call, register, subscribe, publish) on an URI. The authorizer can allow or deny the specific action.

However, when a publish action on some URI is allowed, all subscribers get the event. A subscribe is also an action of course.

Hope this helps,
/Tobias

Am Montag, 29. Juni 2015 13:36:43 UTC+2 schrieb Juris Breicis:

Hi everyone,

First off - many thanks and all of my appreciation for wonderful job you are doing with this project.

We have been actively using WAMP (Autobahn|Python and Autobahn|JS) for over a year now, in production and are truly amazed by the quality of

library you are providing.

Now as we grow our service, we have come across a challenge, I wanted to ask your quick opinion on:

Our backend system would generate a fairly large event stream; these events have to be distributed to a very dynamic set of clients;

By very dynamic - I mean - something which can not be handled via suffixed subscription addresses. like com.myapp.something.1, com.myapp.something.2, etc.

By design these events are such that don’t want clients to dismiss them as not important; what I want is to do is - “event delivery authorization”:

On each and every event: go through the subscriber list, and perform external validation if this user is entitled to receive this specific event or not.

Is there a standardized way how I can register such validator with crossbar.io , or I have to hack on a router code to achieve this?

Thanks in advance,

Juris

You received this message because you are subscribed to a topic in the Google Groups “Autobahn” group.

To unsubscribe from this topic, visit https://groups.google.com/d/topic/autobahnws/JNR3yppP3fw/unsubscribe.

To unsubscribe from this group and all its topics, send an email to autobahnws+...@googlegroups.com.

To post to this group, send email to autob...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/autobahnws/39d62863-c3d5-4d91-9b4b-801317a80514%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#4

Hi everyone,

As it turns out - I have been a lazy doc reader. Colleague pointed me towards http://crossbar.io/docs/Subscriber-Black-and-Whitelisting/ blacklisting and whitlisting subscribers when publishing event, which would achieve excatly what we wanted. Crisis averted. Nothing to see here, people. Move along. And sorry for jumping the gun!

···

On Tue, Jun 30, 2015 at 9:07 AM, Juris Breicis juris....@gmail.com wrote:

Hi, Tobias,

Here is a brief introduction to what we are doing:

https://www.youtube.com/watch?v=aOAHePJT7vE

What we are trying to achieve now (without spilling too much beans on the topic), is to inform our PBX users of relevant call events.

Now - the relevant is a key word here - as the parameters for determining which is relevant for me a user are dynamic and that decision is made on the backend.

I know I could always have event URIs: blah.blah.blah.{orgnizationID}.{userID}.specific_event and then use that for user based routing; but from a perspective of cleaner and easier maintained

frontend and backend code, I was thinking of “plugable postprocessor” prior to distributing the event; allow me to explain:

API would allow me to register pre-delivery processor to a crossbar, stating URI to pre-process, and a registered rpc method for pre-processing.

For the sake of example:

Event URI: com.service.events.new_conversation

Event pre-processor: com.service.preprocess.new_conversation

Now - whenever crossbar.io were to dispatch com.service.events.new_conversation to a subscribed client, it would first call the com.service.preprocess.new_conversation on each and every meesage-client combo it would be about to send with two parameters: 1) event contents and 2) subscribed user

Then our pre-processor would either: a) return the same event data or modify it if needed (say - removing certain keys from event data), or b) raise and exception if this event should not be distributed to the specific user.

Perhaps something to think about for crossbar.io 2.0 ? :slight_smile:

/Juris

On Tue, Jun 30, 2015 at 1:37 AM, Tobias Oberstein tobias.o...@gmail.com wrote:

Hi Juris,

thanks for the nice words! Encouraging;) Can you talk a little about what you do or about your system/app? Curious …

Crossbar.io has a feature called “dynamic authorization”: http://crossbar.io/docs/Authorization/#dynamic-authorization

With this, you setup a WAMP component as a dynamic authorizer that will get called by Crossbar.io whenever other session want to run an action (call, register, subscribe, publish) on an URI. The authorizer can allow or deny the specific action.

However, when a publish action on some URI is allowed, all subscribers get the event. A subscribe is also an action of course.

Hope this helps,
/Tobias

Am Montag, 29. Juni 2015 13:36:43 UTC+2 schrieb Juris Breicis:

Hi everyone,

First off - many thanks and all of my appreciation for wonderful job you are doing with this project.

We have been actively using WAMP (Autobahn|Python and Autobahn|JS) for over a year now, in production and are truly amazed by the quality of

library you are providing.

Now as we grow our service, we have come across a challenge, I wanted to ask your quick opinion on:

Our backend system would generate a fairly large event stream; these events have to be distributed to a very dynamic set of clients;

By very dynamic - I mean - something which can not be handled via suffixed subscription addresses. like com.myapp.something.1, com.myapp.something.2, etc.

By design these events are such that don’t want clients to dismiss them as not important; what I want is to do is - “event delivery authorization”:

On each and every event: go through the subscriber list, and perform external validation if this user is entitled to receive this specific event or not.

Is there a standardized way how I can register such validator with crossbar.io , or I have to hack on a router code to achieve this?

Thanks in advance,

Juris

You received this message because you are subscribed to a topic in the Google Groups “Autobahn” group.

To unsubscribe from this topic, visit https://groups.google.com/d/topic/autobahnws/JNR3yppP3fw/unsubscribe.

To unsubscribe from this group and all its topics, send an email to autobahnws+...@googlegroups.com.

To post to this group, send email to autob...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/autobahnws/39d62863-c3d5-4d91-9b4b-801317a80514%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes

#5

Hi Juris!

Not a problem - Crossbar.io is powerful but also complex. Glad you found something that fits for you!

Regards,

Alex

···

Am Dienstag, 30. Juni 2015 16:18:20 UTC+2 schrieb Juris Breicis:

Hi everyone,

As it turns out - I have been a lazy doc reader. Colleague pointed me towards http://crossbar.io/docs/Subscriber-Black-and-Whitelisting/ blacklisting and whitlisting subscribers when publishing event, which would achieve excatly what we wanted. Crisis averted. Nothing to see here, people. Move along. And sorry for jumping the gun!

On Tue, Jun 30, 2015 at 9:07 AM, Juris Breicis juris....@gmail.com wrote:

Hi, Tobias,

Here is a brief introduction to what we are doing:

https://www.youtube.com/watch?v=aOAHePJT7vE

What we are trying to achieve now (without spilling too much beans on the topic), is to inform our PBX users of relevant call events.

Now - the relevant is a key word here - as the parameters for determining which is relevant for me a user are dynamic and that decision is made on the backend.

I know I could always have event URIs: blah.blah.blah.{orgnizationID}.{userID}.specific_event and then use that for user based routing; but from a perspective of cleaner and easier maintained

frontend and backend code, I was thinking of “plugable postprocessor” prior to distributing the event; allow me to explain:

API would allow me to register pre-delivery processor to a crossbar, stating URI to pre-process, and a registered rpc method for pre-processing.

For the sake of example:

Event URI: com.service.events.new_conversation

Event pre-processor: com.service.preprocess.new_conversation

Now - whenever crossbar.io were to dispatch com.service.events.new_conversation to a subscribed client, it would first call the com.service.preprocess.new_conversation on each and every meesage-client combo it would be about to send with two parameters: 1) event contents and 2) subscribed user

Then our pre-processor would either: a) return the same event data or modify it if needed (say - removing certain keys from event data), or b) raise and exception if this event should not be distributed to the specific user.

Perhaps something to think about for crossbar.io 2.0 ? :slight_smile:

/Juris

On Tue, Jun 30, 2015 at 1:37 AM, Tobias Oberstein tobias.o...@gmail.com wrote:

Hi Juris,

thanks for the nice words! Encouraging;) Can you talk a little about what you do or about your system/app? Curious …

Crossbar.io has a feature called “dynamic authorization”: http://crossbar.io/docs/Authorization/#dynamic-authorization

With this, you setup a WAMP component as a dynamic authorizer that will get called by Crossbar.io whenever other session want to run an action (call, register, subscribe, publish) on an URI. The authorizer can allow or deny the specific action.

However, when a publish action on some URI is allowed, all subscribers get the event. A subscribe is also an action of course.

Hope this helps,
/Tobias

Am Montag, 29. Juni 2015 13:36:43 UTC+2 schrieb Juris Breicis:

Hi everyone,

First off - many thanks and all of my appreciation for wonderful job you are doing with this project.

We have been actively using WAMP (Autobahn|Python and Autobahn|JS) for over a year now, in production and are truly amazed by the quality of

library you are providing.

Now as we grow our service, we have come across a challenge, I wanted to ask your quick opinion on:

Our backend system would generate a fairly large event stream; these events have to be distributed to a very dynamic set of clients;

By very dynamic - I mean - something which can not be handled via suffixed subscription addresses. like com.myapp.something.1, com.myapp.something.2, etc.

By design these events are such that don’t want clients to dismiss them as not important; what I want is to do is - “event delivery authorization”:

On each and every event: go through the subscriber list, and perform external validation if this user is entitled to receive this specific event or not.

Is there a standardized way how I can register such validator with crossbar.io , or I have to hack on a router code to achieve this?

Thanks in advance,

Juris

You received this message because you are subscribed to a topic in the Google Groups “Autobahn” group.

To unsubscribe from this topic, visit https://groups.google.com/d/topic/autobahnws/JNR3yppP3fw/unsubscribe.

To unsubscribe from this group and all its topics, send an email to autobahnws+unsubscribe@googlegroups.com.

To post to this group, send email to autob...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/autobahnws/39d62863-c3d5-4d91-9b4b-801317a80514%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

0 Likes